How to communicate/share a session between pages over HTTP and HTTPS

Posted by spirytus on Stack Overflow See other posts from Stack Overflow or by spirytus
Published on 2010-05-11T23:28:48Z Indexed on 2010/05/11 23:44 UTC
Read the original article Hit count: 288

Filed under:
|
|

What is common practice for coding web applications where part of the site has to be secured (e.g. checkout section) and part not necessarily, let's say homepage? As far as I know sharing sessions in between HTTP and HTTPS parts of the site is not easily possible (or is it?). What would be common approach if I wanted to display on HTTP page like homepage, shopping cart data (items) that users ordered on HTTPS pages? How those two parts of the site would communicate if necessary? Also isn't it security flaw in popular shopping carts as it seems that many of these have only checkout pages secured (SSL) and the rest not? I'm using PHP if it makes any difference.

© Stack Overflow or respective owner

Related posts about http

Related posts about https